vbatts/grub
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Store the loopback device as data on loopback grub_disk structures,

Browse source 
rather than the file it points to.  This fixes use of freed memory
if an existing loopback device is replaced.

* grub-core/disk/loopback.c (grub_loopback_open): Store dev in
disk->data, not dev->file.
(grub_loopback_read): Adjust file assignment to match.
Fixes Ubuntu bug #742967.
This commit is contained in:
Colin Watson 2011-04-01 17:04:10 +01:00
parent 186ae367af
commit 2cccc747ac
2 changed files with 13 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
ChangeLog
View file

@ -1,3 +1,14 @@
2011-04-01 Colin Watson <cjwatson@ubuntu.com>
Store the loopback device as data on loopback grub_disk structures,
rather than the file it points to. This fixes use of freed memory
if an existing loopback device is replaced.
* grub-core/disk/loopback.c (grub_loopback_open): Store dev in
disk->data, not dev->file.
(grub_loopback_read): Adjust file assignment to match.
Fixes Ubuntu bug #742967.
2011-04-01 Colin Watson <cjwatson@ubuntu.com>
* grub-core/disk/loopback.c (grub_cmd_loopback): Fix a memory leak

4
grub-core/disk/loopback.c
View file

@ -162,7 +162,7 @@ grub_loopback_open (const char *name, grub_disk_t disk)
disk->total_sectors = GRUB_DISK_SIZE_UNKNOWN;
disk->id = (unsigned long) dev;
disk->data = dev->file;
disk->data = dev;
return 0;
}
@ -171,7 +171,7 @@ static grub_err_t
grub_loopback_read (grub_disk_t disk, grub_disk_addr_t sector,
grub_size_t size, char *buf)
{
grub_file_t file = (grub_file_t) disk->data;
grub_file_t file = ((struct grub_loopback *) disk->data)->file;
grub_off_t pos;
grub_file_seek (file, sector << GRUB_DISK_SECTOR_BITS);